Some embodiments provide a method for a first device to synchronize a set of data items with a second device. The method receives a request to synchronize the set of data items stored on the first device with the second device. The method determines a subset of the synchronization data items stored on the first device that belong to at least one synchronization sub-group in which the second device participates. Participation in at least one of the synchronization sub-groups is defined based on membership in at least one verification sub-group. The first and second devices are part of a set of related devices with several different verification sub-groups. The method sends only the subset of the synchronization data items that belong to at least one synchronization sub-group in which the second device participates to the second device using a secure channel.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for synchronizing data items between devices, the method comprising, at a first device: receiving, from a second device, a request for the second device to become a member of at least one verification sub-group of a plurality of verification sub-groups of which at least the first device is a member; analyzing aspects of the second device to identify, among the plurality of verification sub-groups, at least one verification sub-group of which the second device is eligible to become a member; causing the second device to become a member of the at least one verification sub-group; identifying a set of synchronization data items in response to receiving a first request to synchronize a set of data items stored on the first device with the second device; identifying a first subset of the synchronization data items that belong to at least one synchronization sub-group defined by the at least one verification sub-group; and sending, to the second device using a secure channel, only the first subset of the synchronization data items.
2. The method of claim 1 , wherein each data item in the set of synchronization data items is associated with at least one tag that indicates a respective synchronization sub-group to which the data item belongs, and the method further comprises: receiving a new data item from user input; and tagging the new data item as belonging to a particular synchronization sub-group.
3. The method of claim 1 , wherein: the at least one verification sub-group comprises all devices that are associated with a same cloud services account.
4. The method of claim 1 , further comprising, subsequent to causing the second device to become a member of the at least one verification sub-group: notifying all devices that are members of the at least one verification sub-group, including the second device, that the second device is a member of the at least one verification sub-group.
5. The method of claim 1 , wherein the aspects of the second device include one or more of an operating system of the second device, a password strength of a master password assigned on the second device, or an inclusion of a secure processor within the second device.
6. The method of claim 1 , wherein the set of data items comprises at least one of a username and password for a website, a password for a Wi-Fi network, a cryptographic secret, a secure note, or an electronic file.
7. The method of claim 1 , wherein each synchronization sub-group defines a type of data that belongs to the at least one synchronization sub-group.
8. The method of claim 1 , further comprising: receiving, from the second device over the secure channel, a new data item that belongs to the at least one synchronization sub-group; and adding the new data item to the set of data items.
9. The method of claim 8 , wherein adding the new data item to the set of data items causes the new data item to be provided to the first device.
10. At least one non-transitory computer readable storage medium configured to store instructions that, when executed by at least one processor included in a first device, cause the first device to synchronize data items, by carrying out steps that include: receiving, from a second device, a request for the second device to become a member of at least one verification sub-group of a plurality of verification sub-groups of which at least the first device is a member; analyzing aspects of the second device to identify, among the plurality of verification sub-groups, at least one verification sub-group of which the second device is eligible to become a member; causing the second device to become a member of the at least one verification sub-group; identifying a set of synchronization data items in response to receiving a first request to synchronize a set of data items stored on the first device with the second device; identifying a first subset of the synchronization data items that belong to at least one synchronization sub-group defined by the at least one verification sub-group; and sending, to the second device using a secure channel, only the first subset of the synchronization data items.
11. The at least one non-transitory computer readable storage medium of claim 10 , wherein each data item in the set of synchronization data items is associated with at least one tag that indicates a respective synchronization sub-group to which the data item belongs, and the steps further include: receiving a new data item from user input; and tagging the new data item as belonging to a particular synchronization sub-group.
12. The at least one non-transitory computer readable storage medium of claim 10 , wherein the steps further include, subsequent to causing the second device to become a member of the at least one verification sub-group: notifying all devices that are members of the at least one verification sub-group, including the second device, that the second device is a member of the at least one verification sub-group.
13. The at least one non-transitory computer readable storage medium of claim 10 , wherein the aspects of the second device include one or more of an operating system of the second device, a password strength of a master password assigned on the second device, or an inclusion of a secure processor within the second device.
14. The at least one non-transitory computer readable storage medium of claim 10 , wherein the set of data items comprises at least one of a username and password for a website, a password for a Wi-Fi network, a cryptographic secret, a secure note, or an electronic file.
15. The at least one non-transitory computer readable storage medium of claim 10 , wherein the steps further include: receiving, from the second device over the secure channel, a new data item that belongs to the at least one synchronization sub-group; and adding the new data item to the set of data items.
16. The at least one non-transitory computer readable storage medium of claim 15 , wherein adding the new data item to the set of data items causes the new data item to be provided to the first device.
17. A first device configured to synchronize data items, the first device comprising: at least one processor; and at least one memory storing instructions that, when executed by the at least one processor, cause the first device to: receive, from a second device, a request for the second device to become a member of at least one verification sub-group of a plurality of verification sub-groups of which at least the first device is a member; analyze aspects of the second device to identify, among the plurality of verification sub-groups, at least one verification sub-group of which the second device is eligible to become a member; cause the second device to become a member of the at least one verification sub-group; identify a set of synchronization data items in response to receiving a first request to synchronize a set of data items stored on the first device with the second device; identify a first subset of the synchronization data items that belong to at least one synchronization sub-group defined by the at least one verification sub-group; and send, to the second device using a secure channel, only the first subset of the synchronization data items.
18. The first device of claim 17 , wherein each data item in the set of synchronization data items is associated with at least one tag that indicates a respective synchronization sub-group to which the data item belongs, and the at least one processor further causes the first device to: receive a new data item from user input; and tag the new data item as belonging to a particular synchronization sub-group.
19. The first device of claim 17 , wherein the at least one processor further causes the first device to, subsequent to causing the second device to become a member of the at least one verification sub-group: notify all devices that are members of the at least one verification sub-group, including the second device, that the second device is a member of the at least one verification sub-group.
20. The first device of claim 17 , wherein the aspects of the second device include one or more of an operating system of the second device, a password strength of a master password assigned on the second device, or an inclusion of a secure processor within the second device.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
September 30, 2015
February 5, 2019
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.